<?php
	
	require_once '../dbconfig.php';

	if($_POST)
	{
		$uid = ;
		$old_pw = $_POST['old_pw'];
		$new_pw = $_POST['new_pw'];
		$new_cpw = $_POST['new_cpw'];

		try
		{
			if($new_pw != $new_cpw)
			{
				echo 'passwords Are Not Equal!';
				break;
			}

			$checkpw = $db_con->prepare("SELECT * FROM users WHERE usr_id=:uid and usr_pw=:old_pw");
			$checkpw->bindParam(":uid",$uid);
			$checkpw->bindParam(":old_pw",$old_pw);
			$checkpw->execute();
			$count = $checkpw->rowCount();

			if($count==0)
			{
				echo 'Original password is Incorrect!'
				break;
			}
			else
			{
				$changepw = $db_con->prepare("UPDATE users SET usr_pw = :new_pw WHERE usr_id=:uid and usr_pw=:old_pw")
				$changepw->bindParam(":uid",$uid);
				$changepw->bindParam(":new_pw",$new_pw);
				$changepw->bindParam(":old_pw",$old_pw);
				if ($changepw->execute())
				{
					echo 'Successful!';
				}
				else
				{
					echo 'Unknown Error!';
				}
			}

		}
		catch(PDOException $e)
		{
			echo $e->getMessage();
		}
	}

?>